use of org.springframework.security.oauth2.server.authorization.client.RegisteredClient in project spring-authorization-server by spring-projects.
the class OAuth2AuthorizationCodeAuthenticationProviderTests method authenticateWhenClientPrincipalNotAuthenticatedThenThrowOAuth2AuthenticationException.
@Test
public void authenticateWhenClientPrincipalNotAuthenticatedThenThrowOAuth2AuthenticationException() {
RegisteredClient registeredClient = TestRegisteredClients.registeredClient().build();
OAuth2ClientAuthenticationToken clientPrincipal = new OAuth2ClientAuthenticationToken(registeredClient.getClientId(), ClientAuthenticationMethod.CLIENT_SECRET_BASIC, registeredClient.getClientSecret(), null);
OAuth2AuthorizationCodeAuthenticationToken authentication = new OAuth2AuthorizationCodeAuthenticationToken(AUTHORIZATION_CODE, clientPrincipal, null, null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication)).isInstanceOf(OAuth2AuthenticationException.class).extracting(ex -> ((OAuth2AuthenticationException) ex).getError()).extracting("errorCode").isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
}
use of org.springframework.security.oauth2.server.authorization.client.RegisteredClient in project spring-authorization-server by spring-projects.
the class OAuth2AuthorizationCodeRequestAuthenticationProviderTests method authenticateWhenConsentRequestInvalidPrincipalThenThrowOAuth2AuthorizationCodeRequestAuthenticationException.
@Test
public void authenticateWhenConsentRequestInvalidPrincipalThenThrowOAuth2AuthorizationCodeRequestAuthenticationException() {
RegisteredClient registeredClient = TestRegisteredClients.registeredClient().build();
OAuth2Authorization authorization = TestOAuth2Authorizations.authorization(registeredClient).principalName(this.principal.getName().concat("-other")).build();
OAuth2AuthorizationCodeRequestAuthenticationToken authentication = authorizationConsentRequestAuthentication(registeredClient, this.principal).build();
when(this.authorizationService.findByToken(eq(authentication.getState()), eq(STATE_TOKEN_TYPE))).thenReturn(authorization);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication)).isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class).satisfies(ex -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex, OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ParameterNames.STATE, null));
}
use of org.springframework.security.oauth2.server.authorization.client.RegisteredClient in project spring-authorization-server by spring-projects.
the class OAuth2AuthorizationCodeRequestAuthenticationProviderTests method authenticateWhenPrincipalNotAuthenticatedThenReturnAuthorizationCodeRequest.
@Test
public void authenticateWhenPrincipalNotAuthenticatedThenReturnAuthorizationCodeRequest() {
RegisteredClient registeredClient = TestRegisteredClients.registeredClient().build();
when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId()))).thenReturn(registeredClient);
this.principal.setAuthenticated(false);
OAuth2AuthorizationCodeRequestAuthenticationToken authentication = authorizationCodeRequestAuthentication(registeredClient, this.principal).build();
OAuth2AuthorizationCodeRequestAuthenticationToken authenticationResult = (OAuth2AuthorizationCodeRequestAuthenticationToken) this.authenticationProvider.authenticate(authentication);
assertThat(authenticationResult).isSameAs(authentication);
assertThat(authenticationResult.isAuthenticated()).isFalse();
}
use of org.springframework.security.oauth2.server.authorization.client.RegisteredClient in project spring-authorization-server by spring-projects.
the class OAuth2AuthorizationCodeRequestAuthenticationProviderTests method authenticateWhenRequireAuthorizationConsentAndOnlyOpenidScopeRequestedThenAuthorizationConsentNotRequired.
@Test
public void authenticateWhenRequireAuthorizationConsentAndOnlyOpenidScopeRequestedThenAuthorizationConsentNotRequired() {
RegisteredClient registeredClient = TestRegisteredClients.registeredClient().clientSettings(ClientSettings.builder().requireAuthorizationConsent(true).build()).scopes(scopes -> {
scopes.clear();
scopes.add(OidcScopes.OPENID);
}).build();
when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId()))).thenReturn(registeredClient);
OAuth2AuthorizationCodeRequestAuthenticationToken authentication = authorizationCodeRequestAuthentication(registeredClient, this.principal).build();
OAuth2AuthorizationCodeRequestAuthenticationToken authenticationResult = (OAuth2AuthorizationCodeRequestAuthenticationToken) this.authenticationProvider.authenticate(authentication);
assertAuthorizationCodeRequestWithAuthorizationCodeResult(registeredClient, authentication, authenticationResult);
}
use of org.springframework.security.oauth2.server.authorization.client.RegisteredClient in project spring-authorization-server by spring-projects.
the class OAuth2AuthorizationCodeRequestAuthenticationProviderTests method authenticateWhenClientNotAuthorizedToRequestCodeThenThrowOAuth2AuthorizationCodeRequestAuthenticationException.
@Test
public void authenticateWhenClientNotAuthorizedToRequestCodeThenThrowOAuth2AuthorizationCodeRequestAuthenticationException() {
RegisteredClient registeredClient = TestRegisteredClients.registeredClient().authorizationGrantTypes(Set::clear).authorizationGrantType(AuthorizationGrantType.CLIENT_CREDENTIALS).build();
when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId()))).thenReturn(registeredClient);
OAuth2AuthorizationCodeRequestAuthenticationToken authentication = authorizationCodeRequestAuthentication(registeredClient, this.principal).build();
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication)).isInstanceOf(OAuth2AuthorizationCodeRequestAuthenticationException.class).satisfies(ex -> assertAuthenticationException((OAuth2AuthorizationCodeRequestAuthenticationException) ex, OAuth2ErrorCodes.UNAUTHORIZED_CLIENT, OAuth2ParameterNames.CLIENT_ID, authentication.getRedirectUri()));
}
Aggregations